<?php

require_once 'function.php';

//验证输入
if(!isset($_COOKIE['uid']) || !isset($_COOKIE['key']) || !isset($_POST['file']) || !isset($_POST['from'])){
	print_json(array('error'=>1 , 'msg'=>'Param error'));
	die();
}
$uid = $_COOKIE['uid'];
$key = $_COOKIE['key'];

//验证用户认证信息
if(!check_userkey($uid , $key)){
	print_json(array('error'=>1 , 'msg'=>'Unauthorized'));
	die();
}

//获取文件归属用户的上传目录
$user_dir = user_getdir($_POST['from']);
if($user_dir === ''){
	print_json(array('error'=>1 , 'msg'=>'Dir not exist'));
	die();
}

//验证文件是否存在
if(!file_exists($user_dir.$_POST['file'])){
	print_json(array('error'=>1 , 'msg'=>'File not exist'));
	die();
}

//下载文件
Header ( "Content-type: application/octet-stream" );
Header ( "Accept-Ranges: bytes" );
Header ( "Accept-Length: " . filesize ( $user_dir.$_POST['file'] ) );
Header ( "Content-Disposition: attachment; filename=" . $_POST['file'] );
$file = fopen ($user_dir.$_POST['file'], "rb" );
echo fread ( $file, filesize ( $user_dir.$_POST['file'] ) );    
fclose ( $file );
?>